The lawsuit claimed that some of its iPhones and smartwatches unintentionally activated Siri and recorded users’ conversations, sharing the audio with third-party advertisers.

Voice-activated assistants react when people use “hot words” such as “Hey, Siri”, or for Amazon’s Alexa, simply: “Alexa”.

Two plaintiffs said that they received ads for Air Jordan shoes and Olive Garden restaurants after talking about them in what they thought were confidential conversations.

Another said that after a private conversation with his doctor about a brand-name surgical treatment, he began seeing ads for the same treatment.

They claimed to have not used the phrase “Hey, Siri” to wake Apple’s voice assistant.

Allegedly, advertisers who received the recordings could then search for keywords in order to target ads.

The class period for the lawsuit covers from September 17, 2014, through December 31, 2024, starting from when Apple introduced the “Hey, Siri” feature, which plaintiffs allege led to unauthorised voice recordings.

Apple has proposed a decision date of February 14. If successful, tens of millions of people could receive up to $20 per Siri-equipped device.

As noted by Reuters, $95 million is about nine hours of profit for Apple, highlighting that such lawsuits come as a business cost for big tech companies.

Apple has explicitly denied wrongdoing in agreeing to settle, as well as claims that it “recorded, disclosed to third parties, or failed to delete, conversations recorded as the result of a Siri activation” without consent.

The post Apple to pay $95 million settlement over Siri “listening” to conversations appeared first on TechInformed.

Earlier this week, the US Treasury Department revealed that it had been hacked by Chinese hackers, who had accessed several employee workstations and unclassified documents.

A letter by the treasury stated that the hackers compromised third-party cybersecurity service provider BeyondTrust in order to steal unclassified documents in what it called a “major incident.”

It detailed that the hackers gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users.

With the stolen key, the threat actor was able to override the service’s security and remotely access user workstations.

“Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor,” the letter read.

The Treasury Department said it was alerted to the breach by BeyondTrust on December 8, and it was working with the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the hack.

The letter added that there was no evidence that the hacker was still in its systems.

The Washington Post has since spoken to anonymous US officials who said the attackers compromised the Office of Foreign Assets Control and the Office of Financial Research and also targeted the office of US Treasury Secretary Janet Yellen.

According to the report, US officials said that the Chinese government’s motivation would likely be to find out what Chinese entities the US government is considering designating for financial sanctions.

In response to the report, spokesperson for the Chinese Embassy in Washington, Liu Pengyu, said that the “irrational” US claim was “without any factual basis” and represented “smear attacks” against Beijing.

The spokesperson added that China “combats all forms of cyber-attacks”.

The US Treasury has not responded to a request for comment on the report.

The post US Treasury accuses Chinese hackers of stealing documents appeared first on TechInformed.

The documents reveal that Rostislav Panev, a 51-year-old man with dual Russian-Israeli citizenship, is facing extradition to the US to face charges alongside two others accused of working for the cybercriminal group

Panev allegedly served as a malware developer for the ransomware group from its inception in 2019 until February 2024, receiving approximately $230,000 in cryptocurrency transfers from the group between June 2022 and February 2024.

During his time at the group, Panev and his co-conspirators helped grow LockBit into what the US Justice Department refers to as “the most active and destructive ransomware group in the world.”

LockBit is responsible for more than 2,500 attacks across at least 120 countries, including 1,800 in the US.  Victims have included businesses of all sizes, hospitals, schools, nonprofit organisations, critical infrastructure, government agencies, and law enforcement entities.

In total, the group received at least $500 million in ransom payments and caused billions of dollars in losses.

According to the Justice Department, at the time of his arrest, Panev had admin credentials for LockBit’s Dark Web online repository with the gang’s ransomware source code, alongside source code for an affiliate tool called “StealBit” used to exfiltrate stolen data.

Panev’s laptop also had access credentials for the LockBit control panel used by affiliates.

In interviews with Israeli authorities following his arrest in August, Panev admitted to performing coding development and consulting work for the LockBit group and receiving regular payments in cryptocurrency for his work.

“The Justice Department’s work going after the world’s most dangerous ransomware schemes includes not only dismantling networks, but also finding and bringing to justice the individuals responsible for building and running them,” said the Justice Department’s attorney general Merrick B. Garland.

“Three of the individuals who we allege are responsible for LockBit’s cyberattacks against thousands of victims are now in custody, and we will continue to work alongside our partners to hold accountable all those who lead and enable ransomware attacks,” he added.

In February this year, the UK, US, and EU law enforcement announced the takedown of the group with a notice on the gang’s extortion site that read: “The site is now under the control of law enforcement.”

In what was called ‘Operation Cronos’, the agencies displayed multiple screenshots of LockBit’s backend and announced its affiliates in Poland and Ukraine.

Then, in May, the National Crime Agency led a campaign to identify the ‘leader of LockBit’, unmasked as Dmitry Khoroshev.

More recently, unknown individuals claiming to represent the ransomware gang have broken cover to announce the impending release of a new malware, LockBit 4.0.

Reported screengrabs from the Dark Web show the supposed cyber-criminal inviting interested parties to “sign up and start your pentester billionaire journey in 5 minutes with us.”

It showed a countdown timer with a launch date of 3 February 2025.

Read more about who LockBit were during their time as a cyber gang here.

The post LockBit ransomware developer arrested appeared first on TechInformed.

The AI tool, funded by the Michigan Department of Environment, Great Lakes, and Energy (EGLE), helps recycle end-of-life batteries from products as big as an EV car and as small as a vape by detecting and removing materials such as lithium, nickel, and cobalt and reusing them.

“This project addresses a major national security concern as the United States imports most of our battery materials used for domestic battery cell production facilities from China and other parts of the world,” said Dan Radomski, CEO of Centrepolis Accelerator, the business assistance arm of LTU that supports physical product developers.

“It is critical that we secure end-of-life batteries and reprocess them in a cost-effective way to enable a local source of minerals that can be used again in Michigan and other domestic battery cell production operations,” he added.

A 2022 study found that the world would need to build 400 new mines by 2035 to meet EV and energy storage battery demand.

According to Radomski, most lithium-ion batteries have lithium, nickel, and cobalt, yet almost 90% of those minerals are mined and processed in China.

He added that the US only has one nickel mine. It’s estimated that the country would need 72 to meet requirements for domestic production of batteries.

In addition, Liz Browne, director of EGLE’s materials management division, said disposable vape pens that hold lithium-ion batteries are increasingly appearing in landfills.

She said that finding a way to recycle the elements inside is essential.

EGLE also awarded nearly $1.5 million to the University of Michigan for a plan to create a 500-kilowatt, grid-tired energy storage system by reusing old EV batteries. Over $700,000 also went to Michigan State University’s battery recycling project.

The post US university scientists to develop AI technology for recycling EV and vape batteries appeared first on TechInformed.

Romania’s scrapped presidential election was targeted by Russian cyberattacks, misinformation, and propaganda, the country’s parliamentary committee has concluded.

Two weeks ago, the presidential election was annulled after far-right, NATO-sceptic Calin Georgescu secured victory in the first round.

The court reached its decision following the revelation of five declassified documents by the EU and NATO’s top security council, which suggested that election interference may have occurred.

At the time, the court suspected Georgescu benefited from a mass influence operation created to influence the result of the vote, believed to be Russia. Russia has denied these claims.

The FBI, the Officer of the Director of National Intelligence, and the Cybersecurity and Infrastructure Security Agency have long since warned that Russia was “the most active threat” for misinformation.

Ahead of this year’s US election, they released this joint statement: “We anticipate Russian actors will release additional manufactured content with these themes through election day and in the days and weeks after polls close.”

Now, the Foreign Intelligence Service (SIE) has shown more findings allegedly confirming interference to the Romanian parliamentary committee in charge of overseeing it.

“There were cyberattacks meant to influence the fairness of the election, particularly from Russia, to influence the public agenda by using artificial intelligence and aggressive online promotion,” commission chief Mihai Weber said.

Intelligence agencies reported that around 85,000 attempted hacks were made to access electoral data and change content, including on election day.

“There were [also] misinformation and propaganda campaigns to support Eurosceptic candidates, who were favoured compared with other competitors,” Weber added.

Separately, the EU has also launched an investigation into TikTok for allegedly failing to curb Romanian election interference.

Romanian intelligence reports indicate that Georgescu’s surge in popularity was driven by a “highly organised” and “guerrilla” social media campaign on the platform, which utilised identical messaging and influencers.

The declassified documents that led to the annulment of the election revealed that paid content promoting Georgescu was shared on TikTok without proper labelling as election-related, breaching both TikTok’s own guidelines and Romania’s electoral laws.

One declassified file highlighted that $381,000 was paid towards TikTok influencers in a single month to promote him on the platform.

At the time, Georgescu denied any knowledge of the influencers or financial backers involved in the campaign.

TikTok said in a statement that it has “protected the integrity” of its platform in over 150 elections around the world and is continuing to address these “industry-wide” challenges.

If the EU finds that TikTok breached its digital rulebook, it could face fines worth up to 6% of its total global revenue and be forced to make changes to fix the problem.

To read more on technology and 2024’s eventful election year, click here.

The post Romania’s election was target of cyberattacks and misinformation, parliament finds appeared first on TechInformed.

The appeal, filed on Monday, December 16, aims to prevent a federal court ruling earlier this year that requires TikTok parent ByteDance to sell its US arm or face a national ban.

While the Supreme Court has not yet disagreed or agreed to the requested injunction against the law, it will now listen to arguments on the matter on January 10.

“We believe the Court will find the TikTok ban unconstitutional so the over 170 million Americans on our platform can continue to exercise their free speech rights,” a TikTok spokesperson said to the BBC.

On the same day as the appeal was made, President-elect Donald Trump met TikTok’s CEO, Shou Zi Chew, according to reports from CBS News.

Trump publicly opposed the ban and said in a press conference on Monday that he would “take a look at TikTok”.

“I have a warm spot in my heart for TikTok because I won youth by 34 points,” he said. “There are those that say TikTok has something to do with that. TikTok had an impact.”

His term would begin a day after the potential ban, on 20 January 2025.

The bill introducing the law said the ban would “protect the national security of the United States from the threat posed by foreign adversary-controlled applications”.

It follows alleged links between TikTok owner ByteDance and the Chinese state, though the social media firm has denied this.

The firm unsuccessfully requested that the law be delayed through a request to the Court of Appeals for the District of Columbia last week. This week, the firm is asking the Supreme Court to temporarily block the ban.

“The act will shutter one of America’s most popular speech platforms the day before a presidential inauguration,” TikTok said in a court filing.

“This, in turn, will silence the speech of applicants and the many Americans who use the platform to communicate about politics, commerce, arts, and other matters of public concern.”

The post US Supreme Court to hear TikTok’s appeal, Trump meets TikTok CEO appeared first on TechInformed.

The regulator said it will leverage powers granted to it under the UK’s Online Safety Act to introduce rules to combat criminal harms, including terrorism, fraud, hate speech, child sexual abuse, and the encouragement of suicide.

The new safety requirements will apply to various types of online services, including social media platforms, search engines, messaging apps, gaming and dating platforms, as well as pornography and file-sharing sites.

Companies have until March 17, 2025, to implement the safety measures.

Changes firms must make include designating a senior leader within their top governance team who will be responsible for ensuring compliance with the rules around illegal content, as well as the reporting and handling of complaints.

It also requires tech firms to ensure their moderation teams are appropriately resourced and trained. This means setting performance targets in order to remove illegal material swiftly, making reporting and complaints functions easier for users to find and use, and optimising algorithms to ensure illegal content is harder to distribute.

Child safety online

The new codes also aim to enforce measures to protect children from sexual abuse and exploitation online.

This will mean platforms should ensure children’s accounts and locations are not visible to users other than their friends, as default.

Children must also receive information from the platforms to educate them on the risk of sharing personal information, and children’s accounts should not be suggested as connections.

The online watchdog quotes children from the age of 14-17 who are said to have received messages asking for bikini photos in exchange for money, or other unwanted invitations.

“I don’t want my siblings to go through what I did on social media. I feel happy about these measures because I know that my sisters and siblings would feel safe,” said one girl, aged 14.

Another 14 year old added: “[This will be] effective because no more strangers can be added, there are no more creeps sending things, and it will decrease grooming.”

According to an Ofcom study, many young people felt interactions with strangers, including adults or users perceived to be adults, are currently an inevitable part of being online—they described becoming ‘desensitised’ to receiving sexualised messages.

Fraud and terrorism

Ofcom also aims to tackle fraud by ensuring sites and apps establish a dedicated reporting channel for organisations with fraud expertise.

The regulator said that this would allow them to flag known scams to platforms in real time so that action can be taken.

It also requires sites to remove users and accounts that spread terrorist content.

“For too long, sites and apps have been unregulated, unaccountable and unwilling to prioritise people’s safety over profits,” said Melanie Dawes, Ofcom’s chief executive.

“The safety spotlight is now firmly on tech firms and it’s time for them to act. We’ll be watching the industry closely to ensure firms match up to the strict safety standards set for them under our first codes and guidance, with further requirements to follow swiftly in the first half of next year,” she added.

The UK Parliament set Ofcom a deadline of 18 months after the Online Safety Act was passed, on October 26th, 2023, to finalise its illegal harms and children’s safety codes of practice and guidance.

The post UK’s internet watchdog unveils online criminal crackdown appeared first on TechInformed.

According to updates on OpenAI’s status page, the disruption, which began at 3:16pm PST, was resolved by 7:38pm PST.

Key Details of the Outage

OpenAI confirmed that the issue stemmed from a configuration change that rendered many servers unavailable. The outage affected users globally, causing errors in API calls, login failures, and interruptions for both ChatGPT and Sora.

We’re experiencing an outage right now. We have identified the issue and are working to roll out a fix.

Sorry and we’ll keep you updated!

— OpenAI (@OpenAI) December 12, 2024

As of 6:50pm PST, OpenAI had partially restored services, with full recovery achieved shortly after.

The incident coincided with OpenAI’s “12 Days of OpenAI” campaign, an event highlighting daily product releases, including its integration with Apple Intelligence on iOS 18.2 and the public launch of Sora.

However, the outage disrupted the availability of these features, leading to widespread user frustration.

“We have identified the issue and are working to roll out a fix,” read an error message displayed on ChatGPT.com during the downtime.

The outage sparked frustration across social media, particularly among students and professionals who rely on OpenAI’s tools for critical tasks, highlighting the user dependency that already exists on ChatGPT.

Businesses utilising OpenAI’s API for applications also faced disruptions, potentially leading to revenue losses.

Read more: 2024’s Top Tech Turkeys: Musk Malaise, Heavy Headsets, and… CrowdStrike

Technical challenges amid rapid growth

The outage followed Sora’s high-demand launch earlier this week. Users reported difficulties accessing the service due to server capacity issues.

OpenAI CEO Sam Altman acknowledged that the company had underestimated interest in the tool.

OpenAI developer community lead Edwin Arbus stated that the outage was unrelated to the “12 Days of OpenAI” campaign or the Apple Intelligence integration, attributing it instead to internal server configurations.

Neal Riley, co-founder of Salable, warned that even short interruptions could have lasting consequences in the competitive AI market.

“The recent introduction of Sora saw some immediate scaling challenges, and this latest outage comes on the heels of announcing ChatGPT’s integration into Apple Intelligence issues.

“While we have yet to see the post-mortem on this four-hour outage, the forums were raft with messages demonstrating minimal user tolerance for interruption to service.”

The outage occurred as OpenAI faces growing competition from Google and Amazon’s AI offerings. Both companies have released advanced AI products rapidly gaining traction, making user retention critical for OpenAI’s success.

Riley added: “Even four hours of downtime is enough to get users to try new services and break the muscle memory they have built up with ChatGPT.”

Following the incident, the company reported on its status page that it “will run a full root-cause analysis of this outage and share details on this page when complete.”

The post Major outage disrupts OpenAI’s ChatGPT, API, and Sora services appeared first on TechInformed.

The cyberattack has disrupted operations, including online ordering in the United States. The company added that it has initiated an investigation and is working with external cybersecurity experts to mitigate the impact.

Krispy Kreme said the expected costs related to the incident, including the loss of revenue from digital sales, are “reasonably likely to have a material impact” on its operating results.

According to Reuters, shares of the company were down about 2% in premarket trading.

James Scobey, CISO at Keeper Security, said the incident highlighted the high cost of cybersecurity breaches — not only in financial terms but also in operational disruption and the erosion of customer trust.

“The reported downtime of online ordering demonstrates how even temporary interruptions can have a significant impact on revenue and brand reputation,” he said.

To mitigate ever-present cyber risks, he added that organisations needed to adopt a proactive approach to cybersecurity.

Read more: Ransomware Gangs of 2024: The Rise of the Affiliates

“Privileged Access Management (PAM) protects systems by limiting access to sensitive assets to only essential personnel and continuously monitoring privileged accounts for unusual activity.

“Strong password management — including the enforcement of strong, unique passwords and multi-factor authentication — is a critical first line defence in preventing unauthorised access.”

He continued that the cost of implementing these proactive measures was a fraction of the expense required to recover from a breach.

“Regular security audits, employee training and vulnerability assessments help identify and address potential vulnerabilities. Cybersecurity isn’t just a technical requirement — it’s essential for organisations to ensure operational resilience and maintain customer confidence.”

While cyber experts have praised the company for responding quickly — the incident occurred in late November — Boris Cipot, a senior security engineer at Black Duck Software, added that it also highlighted how industry sectors not associated with technology should focus on improving their overall security posture.

“Every business is a software business and, therefore, a possible target for cyber attacks. Targets like Krispy Kreme are usually lucrative for cyberattacks. Improvements in the security posture should include threat detection systems that can locate a threat before it impacts operations.”

The post Hackers take a bite out of Krispy Kreme in latest cyberattack appeared first on TechInformed.

The key finding, highlighted in Orange Cyberdefense’s 2025 Security Navigator report, revealed that Europe has become a prime target for hacktivists, while the US has been impacted more by cyber extortion, with a 25% year-on-year increase in cases.

Hacktivists are individuals or groups who use hacking techniques to promote a political or social agenda. They typically target organisations, governments, or individuals to expose perceived injustices, disrupt operations, or draw attention to their causes.

Speaking at a media gathering in London last week Charl van der Walt, Security Navigator’s head of research observed a new intersection between cyber activism and state-sponsored operations.

“We are seeing a hybridisation of hostile nation-states and criminals challenging our need to want to put things in boxes. They move quite fluidly between political activism and crime and legitimate work – but technological mastery is the common thread,” he said.

Read more: The rise of the hackvist supergroup

Their weapon of choice, he added, was almost entirely around distributed denial-of-service (DDoS) attacks which overload servers with traffic, disrupting access to websites or services to cause maximum chaos.

Security Navigator singled out a pro-Russian hacktivist group as one of the main perpetrators- claiming over 6,600 attacks since March 2022, almost exclusively in Europe.

The targets, the report adds are typically  “symbolic and important European entities” – which could be election-related systems, financial institutions or critical infrastructure, and their activities tend to be triggered by geopolitical events such as the recent farmer’s strike in Belgium.

“These groups aim to draw attention to the political and economic issues they consider important, creating fear, uncertainty and doubt,” the report added.

The US

The report noted that the pro-Russian hacktivist groups were not targeting US territories with van der Walt suggesting the atomisation of criminal cyber gang Lockbit by the US authorities and others meant that “perhaps they don’t want to poke that bear”.

North America did not remain unscathed , however, and was the most impacted region globally in terms of cyber extortion, with a 25% YOY increase in cases, the report noted.

The US also experienced the highest cases of OT (Operational Technology) attacks (on water systems, grain siloes etc) accounting for almost half of all incidents. “This trend reinforces the region’s position as a top target for financially motivated threat actors,” the report stated.

Interactive mapping

Orange has also released a new interactive mapping of criminal ecosystem, Cybercrime Now, which the French company is making publicly available for the first time.

Aimed at researchers, journalists and analysts, Orange claims that the visualisation tool offers users the change to explore the networks that underpin major forms of cybercrime.

The post Orange Cyberdefense warns of prolific pro-Russian hacktivist group and releases cybergang mapping tool appeared first on TechInformed.